Dynamic Device Authentication

High assurance identity of hardware devices is an enabling technology with applications in security and supply chain management. Sypris’ Resilient Device Authentication System (RDAS) provides an end-to-end solution for identification and authentication of electronic hardware. RDAS builds on the physical mechanisms for establishing hardware-based root-of-trust, while combining traditional authentication elements that manage device identity through the lifecycle of a system and the applications it supports. This begins in the manufacturing process; RDAS not only supports Supply Chain Risk Management (SCRM), but forms the foundation for “trust” of a device and then supports the extension of that trust into deployment.

A device authentication technology used by RDAS is the Physically Unclonable Function (PUF). PUFs exploit manufacturing variation in integrated circuits to provide a hardware-based identity that is specific to each device. These devices also have a small footprint; thus, optimizing opportunities where size, weight and power are essential. Recent advances in PUFs have improved on their environmental reliability and randomness characteristics, making them an ideal solution for supporting high assurance, cryptographic applications.

The RDAS system has been demonstrated as part of Sypris’ Advanced Metering Infrastructure (AMI) solution incorporated into the Department of Energy’s Centralized Key Management System (CKMS) program which uses a PUF to both uniquely identify the meter and generate multiple keys as needed to support the meter’s functions. Our solution is an upgrade of the current key management strategy used in these meters, offering built-in, enhanced security capabilities.